CRIF takes major steps towards cyber insurance goals
The Cyber Risk Insurance Forum (CRIF) has taken major steps towards its goal of developing a website that will help raise cyber insurance awareness and offer cyber risk guidance for companies considering taking out cyber insurance. CRIF has developed first drafts of the cyber risk matrix, and cyber risk and privacy framework which can be found here.
Law firm DAC Beachcroft has also joined the forum to strengthen CRIF’s legal knowledge, ahead of impending national and EU regulatory changes. CRIF is also urging businesses of all types and sizes to participate in our survey on organisations adoption and thinking around cyber risk and insurance.
Daljitt Barn, CRIF chairman and associate director at global information assurance firm, NCC Group said: “We’ve made some fantastic progress recently, and now we need businesses to get involved and help shape a cyber insurance framework. If we’re to develop a model that can help companies on the ground we need a community approach.”
As an adolescent class of business, cyber insurance is underwritten from a number of different perspectives, with no uniformity of information requirements, best practices or risk management advice. CRIF is working towards the development of greater synergy between effective risk management and appropriately tailored, cost-efficient insurance cover.
Recent research from the Department for Business, Innovation and Skills (BIS) revealed that 87% of small businesses suffered a data breach in 2012, and it’s the vulnerable SMBs that CRIF is aiming to protect.
Daljitt continued: “The government has shown that SMBs are in more danger than most people realise, which is why we’re targeting smaller businesses in particular. We want to help SMBs protect themselves, through both improved security standards and cyber insurance.”
The government is in the process of putting together a cyber organisational standard for UK organisations, and CRIF is assisting the government by providing a detailed response to the on going consultation.
“Developing Cyber resilience is imperative for business today” says Russell Price, Chairman of the Continuity Forum. He adds, “Few companies are really connecting Cyber Risk into management frameworks that can cope with its complexities and even fewer are properly assessing the wider risk to the business it presents.”
You might also like ...
In March 2013, the UK Department for Business, Innovation and Skills issued a “Call for Views and Evidence” that built on the commitments made in the 2011 Cyber Security Strategy published by government.
The Call for Evidence focused on the intention of government to encourage the adoption of industry led standards that can be used by organisations to improve the management of cyber risk.